Carriers of Worldwide Interoperability for Microwave Access (WiMAX) networks plan to use the Open Mobile Alliance (OMA) Device Management (DM) protocol, or another potential provisioning mechanism, to pass user credentials to a client device at first use, so that the client device is provisioned seamlessly, without user intervention. A device management session is a method of distributing software updates to enable services on a client device, including settings which enable the client device to access services provided by a network service provider. These user credentials are passed to a database in the client device. The database is managed by the OMA software, and the user credentials are stored in system memory on the client device for future use when logging onto the WiMAX network.
It is widely considered that the system memory of the client device is not a safe place to store a user credential. Viruses, remote root attacks, rootkits, and other forms of malware may be able to gain access to the user credential stored in the client device's RAM, hard disk, or other type of storage.
Presently, provisioning happens after device authentication, which uses a client device certificate and yields a master session key (MSK); the MSK is used at the root of a key derivation function in order to derive a lower encryption key. A bootstrap document is also presently transferred to the client device at the network layer (L3), and thus passes straight to the OMA client in the client device without being parsed by the client device's network interface controller.
Throughout the description, similar reference numbers may be used to identify similar elements.